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DETAILED ACTION 

1 . Claims 1-22 are pending. 

Response to Arguments 

2. Applicant has argued the following on page 15: 

Notably, the Saito reference is entirely silent with regard to any license or sub-license 
being employed to convey the encrypted content keys, as is required by claim 1. At any 
rate, neither the first Saito user nor any other actor in the Saito reference obtains a 
content key (KD) in an encrypted form, decrypts the encrypted content key (K17) to 
produce the content key (K.E8, and encrypts the content key (10) according to the 
public key (PU1) of a first device (PUI (K18), as is required by claim 1. At most, each 
Saito user decrypts an encrypted content key, but by no means does such Saito user 
encrypt the decrypted content key according to the public key (PUI) of any other user or 
device. Instead, the Saito reference teaches that only the data center performs any 
encryption of a content key according to a public key. 

It is the Examiner's understanding that to one of ordinary skill in the art, all that a digital 
license should contain is the content decryption key. Identifying information may or may 
not be provided, but it is the content decryption key which allows access to the content 
to which a user is trying to obtain content. Applicant has recited a digital license in his 
claim as follows: 
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Obtaining a digital license corresponding to the content, the digital license including the 
content key(KD) therein in an encrypted form. Such definition is consistent with the 
Examiner's understanding of the art. 

The Examiner finds no further limitations in the claim as to what a digital license 
comprises. Consequently, the Examiner maintains that Saito's digital construct which 
contains a content key may also be similarly characterized as a digital license. 

Moreover, no Saito user composes any sub-license corresponding to and based on any 
obtained license to include (PU(KD)), as is required by claim 1. Again, only the Saito 
data center is disclosed as encrypting any content keys, and not any Saito user 

The Examiner has not been able to find any recitation in the claims from which it is 
required that a user be required as encrypting the content keys. Instead, the Applicant 
appears to treat each entity as a first device, or second device, which is significantly 
broader than a limitation that a user perform a certain action. 

These arguments are believed to be the crux of Applicant's arguments. Because the 
limitations are not directly stated in the claims, the Examiner is to take on the "broadest 
reasonable interpretation" in understanding the claims and Applicant's arguments are 
unpersuasive. The rejections are maintained. 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

4. Claims 1, 3-6, 8-9, 11, 13-14 is rejected under 35 U.S.C. 102(b) as being anticipated by 
Saito, US patent 6,002,772. 

In reference to claim 1 : 

Saito discloses a method for rendering encrypted digital content on a first device having a public 
key (PU1) and a corresponding private key (PR1), the digital content being encrypted according 
to a content key (KD), the method comprising: 

• Obtaining a digital license corresponding to the content, the digital license including the 
content key (KD) therein in an encrypted form, where the digital license is obtained by 
generating at the data management center the combination of content keys Ksl with the 
content name, first user data, and first user public key. (Column 6, lines 60-67) 

• Decrypting the encrypted content key (KD) from the digital license to produce the 
content key (KD), where the content keys are decrypted from the digital license. 
(Column 7, lines 5-10) 
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• Obtaining from the first device the public key thereof (PU1), where the first device is the 
first user, and the data management center obtains the public key where the user presents 
the key and requests distribution of secret keys. (Column 6, lines 43-47) 

• Encrypting the content key (KD) according to the public key (PU1) of the first device 
(PU1 (KD)), where the content key Ksl is encrypted with the public key. (Column 6, 
lines 60-67) 

• Composing a sub-license corresponding to and based on the obtained license, the sub 
license including (PU1 (KD)), and transferring the composed sublicense to the first 
device, wherein the first device can decrypt (PU1 (KD)) with the private key thereof 
(PR1) to produce the content key (KD), and can render the encrypted content on the first 
device with the produced content key(KD), where the sub-license is the encrypted secret 
keys which are transferred to the first device, or first user. (Column 7, lines 2-5), and the 
sub-license may then be decrypted to produce the content key, Ksl . 

In reference to claim 3: 

Saito discloses the method of claim 1 further comprising transferring the content to the first 
device, where the data content is supplied to the first user. (Column 5, lines 14-20) 

In reference to claim 4: 

Saito discloses the method of claim 1 for rendering encrypted digital content on a first device 
having a digital rights management system(DRM), the DRM system having the public key(PUl), 
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where the DRM is the system used in Saito (Column 6, lines 20-22) and the corresponding 
private key (PR1), the method comprising: 

• Obtaining from the first device the public key of the DRM system thereof(PUl), where 
the user presents the key and requests distribution of secret keys. (Column 6, lines 43- 
47) 

• Encrypting the content key (KD) according to the public key (PU1) of the DRM system 
of the first device (PU1 (KD)), where the content key Ksl is encrypted with the public 
key. (Column 6, lines 60-67) 

• Composing a sub-license corresponding to and based on the obtained license, the sub- 
license including (PU1 (KD)), and transferring of the composed sub-license to the first 
device, wherein the DRM system of the first device can decrypt (PU1 (KD)) with the 
private key thereof (PR1) to produce the content key (KD), and can render the encrypted 
content on the first device with the produced content key (KD), where the sub-license is 
the encrypted secret keys which are transferred to the first device, or first user. (Column 
7, lines 2-5), and the sub-license may then be decrypted to produce the content key, Ksl . 

In reference to claim 5: 

Saito discloses the method of claim 1 comprising: 

• Obtaining the digital license and storing the obtained digital license on a second device, 
where the digital license is combination of the Cks2Kb2, and Cks3kb2, and where the 
second device is the second user (Column 9, lines 8-17) 
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• Decrypting the encrypted content key (KD) from the digital license on the second device 
to produce the content key (KD), where the content keys are decrypted (Column 9, lines 
19-26) 

• Obtaining from the first device the public key thereof (PU1), where the first user presents 
the public key and the data center obtains it from the first user in this manner. (Column 

6, lines 43-47) 

• Encrypting the content key (KD) according to the public key (PU1) of the first device 
(PU1 (KD)), where the content key Ksl is encrypted with the public key. (Column 6, 
lines 60-67) 

• Composing a sub-license corresponding to and based on the obtained license, the sub- 
license including (PU1 (KD)), and transferring the composed sub-license from the second 
device to the first device, wherein the first device can decrypt (PU1 (KD)) with the 
private key thereof (PR1) to produce the content key (KD), and can render the encrypted 
content on the first device with the produced content key(KD), where the sub-license is 
the encrypted secret keys which are transferred to the first device, or first user. (Column 

7, lines 2-5), and the sub-license may then be decrypted to produce the content key, Ksl . 

In reference to claim 6: 

Saito discloses the method of claim 5 wherein the second device has a public key (PU2) and a 
corresponding private key (PR2), the method comprising: 

• Obtaining a digital license corresponding to the content, the digital license including the 
content key (KD) encrypted according to the public key (PU2) of the second device 
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(PU2 (KD)), where the content key is encrypted with a second public key and where the 
digital license is combination of the Cks2Kb2, and Cks3kb2, and where the second 
device is the second user (Column 9, lines 8-17) 
• Decrypting (PU2(KD)) from the digital license according to the private key (PR2) of the 
second device to produce the content key (KD), where the content keys are decrypted 
(Column 9, lines 19-26) 

In reference to claim 8: 

Saito (Column 7, lines 15-20) discloses the method of claim 1 wherein, the first device is a 
portable device, where the device is an IC card or PCMCIA card. 

In reference to claim 9: 

Saito discloses the method of claim 1 wherein obtaining from the first device the public key 
record thereof(PUl) comprises receiving a certificate from the first device within which is 
(PU1), where the user presents the key along with user data. (Column 6, lines 43-47), and it is 
understood in the art that a digital certificate typically comprises user identification data and the 
public key. 

In reference to claim 1 1 : 

Saito discloses the method of claim 9 comprising receiving a certificate from the first device 
within which is (PU1) and information relating to the first device, where the user presents the 
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key along with user data. (Column 6, lines 43-47), and it is understood in the art that a digital 
certificate typically comprises user identification data and the public key. 

Claim 13 is rejected for the same reasons as claim 11. 

In reference to claim 14: 

Saito discloses the method of claim 1 1 further comprising obtaining (PU1 (KD)) from the 
transferred sub-license(Column 7, lines 2-5), applying (PR1) to (PU1 (KD)) to obtain the content 
key (KD) , and applying (KD) to decrypt the encrypted content, all by the first device. (Column 
7, lines 5-13) 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 2, 7, 10, 12, 15-22 are rejected in view of Sato, US patent 6,002,772. 



In reference to claim 2: 
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Saito fails to disclose the method of claim 1 further comprising, prior to composing the sub- 
license and transferring the composed sub-license to the device, checking the obtained license to 
determine that such license permits issuance of the sub-license to the device. 

The Examiner takes official notice that authenticating users through user submitted personal 
information was well known in the art at the time of invention. 

Saito however discloses that information regarding the user identity is submitted. While it is not 
explicitly stated that the data management center users this information to verify the identity of 
the user, it would have been obvious to one of ordinary skill in the art at the time of invention to 
authenticate the user with the user submitted data to make ensure the content wouldn't be 
submitted to someone without the proper credentials. 

In reference to claim 7: 

Saito fails to explicitly discloses the method of claim 5 wherein the second device is a computer. 
The Examiner takes official notice that using computers for data content distribution was well 
known in the art at the time of invention. 

It would have been obvious to one of ordinary skill in the art to distribute the data to a computer, 
provided the extra processing power a computer has over other electronic devices such as 
calculators. 



Application/Control Number: 09/892,371 Page 1 1 

Art Unit: 2134 

In reference to claim 10: 

Saito fails to discloses the method of claim 9 further comprising comparing the received 
certificate against a revocation list to ensure that the certificate has not been compromised. 
The Examiner takes official notice that checking to see if a certificate has been compromised 
against a list was well known at the time of invention. This technology, known as CRLs or 
certificate revocation lists is a list that is passed around or stationary on a server, that computers 
may use to determine the "Freshness" of a given certificate. 
Examples of prior art that use CRLs are patents: 
5717757,5666416,5793868. 

It would have been obvious to one of ordinary skill in the art at the time of invention to check if 
a certificate was valid against a list in order to determine whether the information the user was 
providing was up to date. 

Claim 12 is rejected for the same reasons as claim 2. 
In reference to claim 15: 

Saito discloses a method for rendering encrypted digital content on a first device having a public 
key (PU1) and a corresponding private key (PR1), the digital content being encrypted according 
to a content key (KD), the method comprising: 

• Providing the public key (PU1) to a second device, wherein the second device obtains a 
digital license corresponding to the content, the digital license including the content key 
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(KD), encrypts the content key (KD) according to the public key(PUl) of the first device 
(PU1 , (KD)) and composes a sublicense corresponding to and based on the obtained 
license, the sub-license corresponding to and based on the obtained license, the sub- 
license including (PU1, (KD)), where the second device is the data center, and where the 

• Receiving the composed sub-license from the second device, where the composed sub- 
license is created and sent tot he user. (Column 7, lines 3-5) 

• Obtaining (PU1 (KD)) from the received sub-license (Column 7, lines 5-12) 

• Applying (PR1) to (PU1 (KD)) to obtain the content key(KD) (Column 7, lines 5-12) 

• Applying (KD) to decrypt the encrypted document, where Ksl is used to decrypt the 
content. (Column 6, lines 43-46) 

Saito fails to explicitly disclose rendering the decrypted document 

The Examiner takes official notice that rendering digital content was well known at the time of 
invention. 

It would have been obvious to one of ordinary skill in the art to render to the content of Saito in 
order to take advantage of the fact that that is what the content is there for. 

In reference to claim 16: 

Saito discloses the method of claim 15 further comprising receiving the content from the second 
device, where the second device is the data center, and the content is received by the first user. 
(Column 5, lines 15-20) 
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Claim 17 is rejected for the same reasons as claim 15. 
Claim 18 is rejected for the same reasons as claim 7. 

Claim 21 is rejected for the same reasons as claim 2, where the second device is the data center. 
Claim 19 is rejected for the same reasons as claim 8. 

Claim 20 is rejected for the same reasons as claim 11, where the second device is the data center. 
Claim 22 is rejected for the same reasons as claim 11, where the second device is the data center. 

Conclusion 

7. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of the final action and the advisory action is not mailed under after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension pursuant to 37 CFR 
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1.136(A) will be calculated from the mailing date of the advisory action. In no event, however, 
will the statutory period for reply expire later than SIX MONTHS from the mailing date of this 
final action. 

8. Any inquiry concerning this communication from the examiner should be directed to 
Thomas M Ho whose telephone number is (571)272-3835. The examiner can normally be 
reached on M-F from 9:30 AM - 6:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Gregory A. Morse can be reached on (571)272-3838. 

The Examiner may also be reached through email through Thomas,Ho6(aiuspto. gov 

Any inquiry of a general nature or relating to the status of this application or proceeding should 

be directed to the receptionist whose telephone number is (571)272-2100. 

General Information/Receptionist Telephone: 571-272-2100 Fax: 703-872-9306 
Customer Service Representative Telephone: 571-272-2100 Fax: 703-872-9306 



TMH 



August 8 , 2005 
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